Jerome wants to use an obfuscation method to protect data in his database. His organization works with sensitive customer data and does not want to run the risk of that data being exposed via their web application, but still wants to use the rest of their customer data in the application. What obfuscation process or tool should he use to ensure that the data can be matched to customers while remaining secure?
Answer Options
Use a steganographic program to modify the data, then use that data for the web application.
Use a masking algorithm to completely mask the data, then use a single database.
Tokenize the data and use the tokenized data in a database set up for the web application.
Hash the data in the original database, then use the database for the web application.
Correct Answer: C
Explanation
Tokenizing the data in a separate database will allow both the original unaltered database and a secured database to be used. This reduces risk while retaining data integrity where required. Steganography hides data in images and does not fit this use case. Masking only conceals data and does not protect it against attacks against the underlying application or database in many cases. Hashing the original database will transform the data, and using a single database remains risky.